Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method for switching between multiple brandings of a remote desktop client operating on a secure boot device, the secure boot device storing a plurality of brandings for a user, the method comprising: initiating an operating system from the secure boot device at the remote desktop client, the secure boot device comprising a portable storage device readable by the remote desktop client; receiving credentials including a user identification and a password; receiving a selection of a first branding among the plurality of brandings, each of the plurality of brandings associated with a different entity from which a user may receive authorization to operate the remote desktop client; based on verification of the received credentials, booting, from the secure boot device, a desktop of the operating system in the selected first branding; receiving a selection of a second branding different from the first branding from within the desktop; and performing a desktop reset, wherein the desktop reset does not re-start the operating system initiated from the secure boot device and results in execution of the desktop in the second branding without requiring the user to re-enter credentials to operate the remote desktop client in the second branding, wherein the desktop executed in the first branding presents the user with access to a first set of remote desktop client resources and the desktop executed in the second branding presents the user with access to a second set of remote desktop client resources that are different from the first set of remote desktop client resources, and wherein access to the first and second sets of remote desktop client resources requires use of different sets of security parameters.
This invention relates to remote desktop client software and the problem of managing multiple brandings for a single user on a secure boot device. The method involves initiating an operating system from a portable storage device, which is part of the secure boot device. The user provides credentials, including a user ID and password. Subsequently, the user selects a desired branding from a plurality of available options, each associated with a different authorizing entity. After verifying the credentials, the operating system boots a desktop environment using the selected branding. From within this desktop, the user can then choose a different second branding. A desktop reset is then performed. Crucially, this reset does not restart the operating system from the secure boot device. Instead, it loads the desktop in the second branding without requiring the user to re-enter their credentials. Each branding provides access to a specific set of remote desktop client resources. The resources accessible in the first branding are different from those in the second branding. Accessing these different resource sets requires different security parameters.
2. The method of claim 1, wherein performing the desktop reset does not re-boot the operating system.
A method for performing a desktop reset in a computing environment without rebooting the operating system. The method addresses the problem of system instability or performance degradation caused by corrupted or misconfigured desktop settings, applications, or user profiles, which traditionally requires a full system reboot to resolve. The method involves resetting the desktop environment to a default or predefined state while maintaining the underlying operating system processes and services in an active state. This includes restoring default configurations for user profiles, resetting application states, and clearing temporary files or caches without terminating the operating system kernel or core services. The method ensures that the desktop environment is restored to a functional state without the downtime associated with a full system reboot, improving user productivity and system availability. The approach is particularly useful in enterprise or multi-user environments where frequent reboots are impractical or disruptive. The method may also include logging the reset event and preserving user data or settings that are not part of the reset scope to minimize disruption.
3. The method of claim 1, wherein each branding is associated with a different context.
A method for managing digital branding involves associating each branding element with a distinct context to enhance user engagement and personalization. The method operates within digital content delivery systems, where branding elements such as logos, colors, or messaging are dynamically adjusted based on contextual factors like user location, device type, or time of day. This approach solves the problem of static branding, which fails to adapt to varying user preferences or situational needs, leading to reduced engagement or relevance. The method includes generating a set of branding elements, each tailored to a specific context, and dynamically selecting the appropriate branding based on real-time contextual data. For example, a retail brand might display a winter-themed logo for users in cold regions or a mobile-optimized version for smartphone users. The system ensures consistency in branding while allowing flexibility to match different user contexts, improving user experience and brand perception. By associating branding with context, the method enables more targeted and effective digital interactions, addressing the limitations of one-size-fits-all branding strategies. The solution is particularly useful in e-commerce, advertising, and content platforms where personalized engagement is critical.
4. The method of claim 3, wherein each context depends on a role of the user.
A system and method for dynamically adjusting user interface elements based on contextual factors, including user roles, to enhance usability and efficiency. The invention addresses the problem of static user interfaces that do not adapt to varying user needs, roles, or environmental conditions, leading to inefficiencies and usability challenges. The method involves monitoring contextual data, such as user roles, device capabilities, and environmental conditions, to determine the appropriate configuration of interface elements. Based on the detected context, the system dynamically adjusts the presentation, functionality, or availability of interface elements to optimize the user experience. For example, a user with an administrative role may see additional control options compared to a standard user. The system may also consider device constraints, such as screen size or input methods, to further tailor the interface. The adjustments are made in real-time or near-real-time to ensure seamless interaction. This approach improves accessibility, reduces cognitive load, and enhances productivity by providing a personalized and context-aware interface. The invention is applicable to various domains, including software applications, mobile devices, and embedded systems, where adaptive interfaces are beneficial.
5. The method of claim 4, wherein each context is associated with a particular branding and one or more application scripts, wherein each branding and application script is stored in the secure boot device.
This invention relates to a secure system for managing and executing application scripts in different contexts, each associated with distinct branding and functionality. The system addresses the challenge of securely deploying and running applications in environments where multiple contexts or user profiles must be supported, ensuring that each context operates with its own branding and application scripts while maintaining security and isolation. The method involves storing branding elements and application scripts in a secure boot device, which is a tamper-resistant storage medium that ensures the integrity and authenticity of the stored data. Each context, representing a specific user profile or operational mode, is linked to a particular branding and one or more application scripts. When a context is activated, the corresponding branding and scripts are loaded from the secure boot device, allowing the system to present the appropriate interface and execute the required applications. This approach prevents unauthorized modifications to the branding or scripts, ensuring that each context operates as intended without compromising security. The secure boot device acts as a trusted source, verifying that the branding and scripts have not been altered before execution. This method is particularly useful in environments where multiple users or roles must be supported, such as kiosks, shared devices, or multi-tenant systems, where maintaining distinct and secure contexts is essential. The system ensures that each context operates independently, with its own branding and functionality, while preventing unauthorized access or tampering.
6. The method of claim 1, wherein the desktop reset further comprises: shutting down a desktop of the remote desktop client; and restarting the desktop of the remote desktop client in the selected branding.
This invention relates to remote desktop systems, specifically addressing the need to dynamically update the branding of a remote desktop client without requiring a full system reboot. The problem being solved is the inefficiency of traditional methods that either require manual reconfiguration or a complete system restart to apply branding changes, leading to downtime and user disruption. The method involves a desktop reset process that includes shutting down the desktop environment of the remote desktop client and then restarting it in a newly selected branding configuration. This ensures that the client's interface, visual elements, and branding elements are updated to reflect the desired branding without requiring a full system reboot. The process is automated, reducing administrative overhead and minimizing user downtime. The method may also include selecting a branding configuration from a set of predefined options, where each configuration includes specific branding elements such as logos, color schemes, and interface layouts. The system ensures that the branding changes are applied consistently across all instances of the remote desktop client, maintaining a uniform user experience. The reset process is designed to be seamless, allowing users to quickly resume their work with minimal interruption. This approach improves system efficiency and user satisfaction by providing a flexible and efficient way to manage branding updates in remote desktop environments.
7. The method of claim 1, wherein the desktop reset further comprises: shutting down the desktop based on receiving a shutdown command; displaying a credentials screen from the secure boot device; receiving credentials including a user identification and a password; and based on verification of the received credentials, booting, from the secure boot device, the desktop in the selected branding.
A method for securely resetting a desktop computing environment involves shutting down the desktop upon receiving a shutdown command. After shutdown, a credentials screen is displayed from a secure boot device, prompting the user to enter credentials including a user identification and a password. Upon verification of the credentials, the desktop is booted from the secure boot device, restoring the desktop environment with a selected branding. This method ensures that the desktop is securely reset and authenticated before being restored, preventing unauthorized access and maintaining system integrity. The secure boot device provides a trusted source for booting the desktop, ensuring that the system is initialized in a controlled and verified manner. The branding selection allows for customization of the desktop environment while maintaining security protocols. This approach is particularly useful in environments where secure access and system integrity are critical, such as enterprise or government settings. The method ensures that only authorized users can reset and access the desktop, reducing the risk of unauthorized access or tampering.
8. A secure system for switching between multiple brandings of a remote desktop client operating on a secure boot device, the secure boot device storing a plurality of brandings for a user, the system comprising: a client computer having a secure boot device connected thereto; a remote server communicatively connected to the client computer via a communications network; a trusted set of processing modules stored in the secure boot device that, when executed on the client computer, cause the client computer to: initiate an operating system from the secure boot device at the client computer, the secure boot device comprising a portable storage device connected to and readable by the client computer; receive credentials including a user identification and a password; receive a selection of a first branding among the plurality of brandings, each of the plurality of brandings associated with a different entity from which a user may receive authorization to operate the remote desktop client; based on verification of the received credentials, boot, from the secure boot device, a desktop of the operating system in the selected first branding; receive a selection of a second branding different from the first branding from within the desktop; and perform a desktop reset, wherein the desktop reset does not re-start the operating system initiated from the secure boot device and results in execution of the desktop in the second branding without requiring the user to re-enter credentials to operate the remote desktop client in the second branding, wherein the desktop executed in the first branding presents the user with access to a first set of remote desktop client resources and the desktop executed in the second branding presents the user with access to a second set of remote desktop client resources that are different from the first set of remote desktop client resources, and wherein access to the first and second sets of remote desktop client resources requires use of different sets of security parameters.
This invention relates to a secure system for switching between multiple brandings of a remote desktop client on a secure boot device. The system addresses the challenge of securely managing multiple user identities and access permissions across different entities while maintaining a single authentication process. The system includes a client computer with a secure boot device, such as a portable storage device, and a remote server connected via a network. The secure boot device stores multiple brandings, each associated with a different entity that authorizes remote desktop access. When executed, the system initiates an operating system from the secure boot device, verifies user credentials, and boots a desktop in a selected branding. The user can switch to a different branding without re-entering credentials, triggering a desktop reset that reconfigures the interface and access permissions. Each branding provides access to distinct sets of remote desktop resources, each requiring different security parameters. The system ensures secure transitions between brandings while maintaining the integrity of the operating system session. This approach simplifies multi-entity access management while enhancing security and user convenience.
9. The secure system of claim 8, wherein performing the desktop reset does not re-boot the operating system.
A secure system for managing computing environments includes a method for performing a desktop reset without rebooting the operating system. The system addresses the need for rapid recovery of a computing environment to a known secure state without the downtime and resource overhead associated with a full system reboot. The desktop reset process involves terminating all user-level processes and applications while preserving the underlying operating system kernel and core services. This allows the system to return to a predefined secure state quickly, ensuring that any malicious or corrupted processes are eliminated without disrupting essential system functions. The system may also include mechanisms for verifying the integrity of system components before and after the reset to ensure a secure transition. Additionally, the system may support user-specific configurations and data persistence, allowing users to retain their settings and files while still benefiting from a clean, secure environment. The reset process is designed to be seamless, minimizing user disruption while maintaining high security standards. This approach is particularly useful in environments where rapid recovery from security threats or system corruption is critical, such as in enterprise or high-security computing environments.
10. The secure system of claim 8, wherein each branding is associated with a different context.
A secure system is designed to manage and control access to digital content or services based on branding and contextual information. The system includes a branding module that assigns unique branding identifiers to different entities, such as users, devices, or applications, to distinguish them within the system. Each branding is linked to a specific context, which may include factors like user roles, device types, geographic locations, or time-based conditions. The system also features an access control module that enforces security policies based on the branding and context, ensuring that only authorized entities can access certain resources. Additionally, the system may include a monitoring module to track access attempts and detect anomalies, enhancing security by identifying unauthorized or suspicious activities. The branding and context-based approach allows for granular control over access permissions, improving security and reducing the risk of unauthorized access. The system may also support dynamic updates to branding and context, enabling real-time adjustments to security policies as conditions change. This ensures that access control remains adaptive and responsive to evolving threats or operational requirements.
11. The secure system of claim 10, wherein each context depends on a role of the user.
This invention relates to secure systems that manage access to resources based on user roles. The system dynamically adjusts access permissions by evaluating the user's role within a specific context, ensuring that only authorized users can perform actions relevant to their responsibilities. The context is defined by the user's role, which determines the applicable permissions and restrictions. This approach enhances security by preventing unauthorized access while maintaining flexibility for different user roles. The system includes a context evaluation module that assesses the user's role in real-time, a permission engine that enforces role-based access controls, and an authentication mechanism to verify user identity. The context is dynamically updated as the user's role changes, ensuring that permissions remain aligned with the current role. This prevents privilege escalation and unauthorized actions, even if a user attempts to bypass role restrictions. The invention improves upon existing role-based access control (RBAC) systems by incorporating dynamic context evaluation, reducing the need for static permission assignments. This allows for more granular and adaptable security policies, particularly in environments where user roles frequently change. The system is applicable in enterprise software, cloud computing, and other domains requiring fine-grained access control.
12. The secure system of claim 11, wherein each context is associated with a particular branding and one or more application scripts, wherein each branding and application script is stored in the secure boot device.
A secure system is designed to manage and execute applications in isolated contexts, each associated with a specific branding and one or more application scripts. The system ensures that each context operates independently, preventing unauthorized access or interference between different contexts. The branding and application scripts for each context are securely stored in a secure boot device, which initializes the system and enforces security policies. The branding defines the visual and functional identity of the context, while the application scripts contain the executable code and logic required for the context's operation. By storing these components in the secure boot device, the system ensures that only authorized and verified branding and scripts are loaded, maintaining the integrity and security of each context. This approach is particularly useful in environments where multiple applications or services must run in isolation, such as in embedded systems, IoT devices, or secure computing environments. The secure boot device acts as a trusted source, ensuring that the system starts in a known secure state and that all subsequent operations adhere to predefined security policies. This isolation and secure storage mechanism prevent unauthorized modifications or access to the branding and application scripts, enhancing overall system security.
13. The secure system of claim 8, wherein the desktop reset further comprises: shut down a desktop of the remote desktop client; and restart the desktop of the remote desktop client in the selected branding.
This invention relates to secure remote desktop systems, specifically addressing the need to dynamically adjust the branding of a remote desktop client while maintaining security. The system allows an administrator to reset a user's desktop session to apply a new branding configuration, ensuring consistent visual identity and compliance with organizational policies. The desktop reset process involves shutting down the current desktop session of the remote desktop client and restarting it with the selected branding. This ensures that all user interface elements, such as logos, color schemes, and other branding assets, are updated to reflect the new branding while preserving the security and integrity of the session. The system may also include additional security measures, such as authentication checks and session validation, to prevent unauthorized access during the reset process. The invention is particularly useful in environments where multiple organizations or departments share a remote desktop infrastructure, requiring flexible branding adjustments without compromising security. The solution ensures seamless transitions between branding configurations while maintaining a secure and controlled user experience.
14. The secure system of claim 8, wherein the desktop reset further comprises: shut down the desktop based on receiving a shutdown command; display a credentials screen from the secure boot device; receive credentials including a user identification and a password; and based on verification of the received credentials, boot, from the secure boot device, the desktop in the selected branding.
This invention relates to secure computing systems, specifically a method for securely resetting a desktop environment while maintaining system integrity and user authentication. The problem addressed is ensuring that a desktop system can be securely rebooted or reset without compromising security, particularly in environments where multiple users or branding configurations are involved. The system includes a secure boot device that manages the reset process. When a shutdown command is received, the desktop is powered down. The secure boot device then displays a credentials screen, prompting the user to enter identification and password. Upon verification of these credentials, the system boots the desktop in a selected branding configuration, ensuring that only authorized users can access the system and that the correct branding is applied. This process prevents unauthorized access and ensures consistent system behavior after reset. The secure boot device acts as a trusted component, handling authentication and system initialization. The branding selection ensures that the desktop environment matches the expected user or organizational profile, which is critical in multi-tenant or enterprise environments. The system enforces security policies by requiring authentication before allowing system access, reducing the risk of unauthorized use or tampering. This approach is particularly useful in environments where security and branding consistency are priorities.
15. A non-transitory computer storage medium comprising computer-executable instructions stored in a memory of a secure boot device operating on a remote desktop client and including a trusted set of processing modules which, when executed, cause a computing system to: initiate an operating system from the secure boot device at the remote desktop client, the secure boot device comprising a portable storage device readable by the remote desktop client; receive credentials including a user identification and a password; receive a selection of a first branding among a plurality of brandings, each of the plurality of brandings associated with a different entity from which a user may receive authorization to operate the remote desktop client; based on verification of the received credentials, boot, from the secure boot device, a desktop of the operating system in the selected first branding; receive a selection of a second branding different from the first branding from within the desktop; and perform a desktop reset, wherein the desktop reset does not re-start the operating system initiated from the secure boot device and results in execution of the desktop in the second branding without requiring the user to re-enter credentials to operate the remote desktop client in the second branding, wherein the desktop executed in the first branding presents the user with access to a first set of remote desktop client resources and the desktop executed in the second branding presents the user with access to a second set of remote desktop client resources that are different from the first set of remote desktop client resources, and wherein access to the first and second sets of remote desktop client resources requires use of different sets of security parameters.
This invention relates to secure remote desktop systems that allow users to switch between different branded desktop environments without re-authenticating. The problem addressed is the need for secure, flexible access to multiple remote desktop environments with distinct branding and resource access, while maintaining security and avoiding repeated credential entry. The system uses a portable secure boot device containing an operating system and a trusted set of processing modules. When connected to a remote desktop client, the device initiates the operating system and receives user credentials (username and password). The user selects a branding associated with an entity (e.g., a company or organization) that authorizes access. After credential verification, the system boots a desktop in the selected branding, providing access to a specific set of resources and security parameters tied to that branding. The user can later switch to a different branding from within the desktop. This triggers a desktop reset that reconfigures the environment to the new branding without restarting the operating system or requiring re-authentication. The new branding provides access to a different set of resources and security parameters. This allows seamless switching between multiple secure desktop environments while maintaining strict access controls.
16. The non-transitory computer storage medium of claim 15, wherein performing the desktop reset does not re-boot the operating system.
A system and method for performing a desktop reset on a computing device without rebooting the operating system. The technology addresses the problem of maintaining system stability and user productivity by allowing a quick restoration of the desktop environment to a default or previous state without the delays and disruptions associated with a full operating system reboot. The desktop reset process involves resetting the graphical user interface (GUI) components, clearing temporary files, and restoring default settings while preserving the underlying operating system processes and services. This approach ensures that applications and services remain running, reducing downtime and improving user experience. The system may also include features to selectively reset specific desktop elements or restore from a saved state, providing flexibility in managing the desktop environment. The method is particularly useful in environments where frequent resets are needed, such as in shared computing systems or kiosks, where maintaining a clean and consistent desktop state is critical. The solution enhances system reliability and efficiency by avoiding the need for a full reboot, which can be time-consuming and disruptive to ongoing operations.
17. The non-transitory computer storage medium of claim 15, wherein each branding is associated with a different context.
A system and method for managing digital branding content involves storing branding elements in a database, where each branding element is associated with a specific context. The system retrieves and applies the appropriate branding elements based on the current context, such as user location, device type, or time of day, to dynamically adjust the appearance and behavior of digital content. This ensures that branding remains consistent and relevant across different platforms and user interactions. The system may also track user engagement with branded content to optimize future branding strategies. The method includes generating a request for branding content, retrieving the relevant branding elements from the database, and applying them to the digital content before presentation. The system supports multiple branding configurations, allowing for flexible and context-aware branding adjustments. This approach enhances user experience by delivering personalized and contextually appropriate branding, improving engagement and brand recognition. The solution addresses the challenge of maintaining consistent branding across diverse digital environments while adapting to varying user contexts.
18. The non-transitory computer storage medium of claim 17, wherein each context depends on a role of the user.
This invention relates to a system for managing user access to digital content based on contextual factors, particularly the user's role. The system dynamically adjusts access permissions by evaluating multiple contextual parameters, including the user's role, to determine the appropriate level of access. The invention addresses the challenge of balancing security and usability in digital environments where access control must adapt to varying circumstances without manual intervention. The system operates by storing digital content in a secure repository and defining access rules that incorporate contextual conditions. When a user requests access, the system evaluates the current context, including the user's role, to determine whether the request meets the predefined access criteria. If the conditions are satisfied, the system grants access; otherwise, it denies the request or prompts for additional authentication. The invention ensures that access permissions align with the user's role, enhancing security while maintaining operational efficiency. The system may also log access attempts and contextual data for auditing and compliance purposes. By dynamically adjusting permissions based on role and other contextual factors, the invention provides a flexible and secure approach to managing digital content access in environments where roles influence access requirements. This solution is particularly useful in enterprise systems, healthcare, and other sectors where role-based access control is critical.
19. The non-transitory computer storage medium of claim 18, wherein each context is associated with a particular branding and one or more application scripts, wherein each branding and application script is stored in the secure boot device.
This invention relates to a secure system for managing and executing application scripts in a computing environment, particularly where different contexts require distinct branding and script execution. The system addresses the challenge of securely storing and deploying application scripts while ensuring that each context (e.g., user session, device mode, or operational state) is associated with a specific branding and set of scripts. The branding and scripts are stored in a secure boot device, which provides tamper-resistant storage and execution, preventing unauthorized modifications or access. The system dynamically loads the appropriate branding and scripts based on the current context, ensuring consistent and secure application behavior across different operational scenarios. This approach enhances security by isolating scripts and branding within a trusted execution environment, reducing the risk of unauthorized access or tampering. The invention is particularly useful in environments where multiple contexts must be supported securely, such as multi-tenant systems, enterprise applications, or devices with restricted access requirements. By storing branding and scripts in a secure boot device, the system ensures that only authorized and verified content is executed, maintaining integrity and security throughout the application lifecycle.
20. The non-transitory computer storage medium of claim 15, wherein the desktop reset further comprises: shut down the desktop based on receiving a shutdown command; display a credentials screen from the secure boot device; receive credentials including a user identification and a password; and based on verification of the received credentials, boot, from the secure boot device, the desktop in the selected branding.
A system for securely managing desktop environments involves a non-transitory computer storage medium that stores instructions for resetting a desktop environment. The reset process includes shutting down the desktop upon receiving a shutdown command. After shutdown, a credentials screen is displayed from a secure boot device, prompting the user to enter credentials, including a user identification and a password. Upon verification of these credentials, the system boots the desktop from the secure boot device, applying a selected branding to the desktop environment. This ensures that only authorized users can access and customize the desktop, enhancing security and user-specific configuration. The secure boot device provides a trusted source for authentication and branding, preventing unauthorized access and ensuring consistent desktop environments. The system may also include additional features such as selecting branding options, managing user profiles, and enforcing security policies during the reset process. This approach improves security by requiring authentication before booting and ensures that the desktop environment is personalized and secure for each user.
September 15, 2020